Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/1-Cv5BKM8zNqXeWC17CN2zV2YkVQ.roa
File: 1-Cv5BKM8zNqXeWC17CN2zV2YkVQ.roa (raw, json)
Hash identifier: sAuytnhp2YO0VVHdD3xq3B3bN0hNL8MnMtuRRIK7UzM=
Subject key identifier: F8:2B:F9:04:A3:3C:CC:DA:97:79:60:B5:EC:23:76:CD:5D:98:91:54
Certificate issuer: /CN=9aee15c33de358938d6900a1b3c14480a389e85b
Certificate serial: 01999715F67FF22F896C650F7CB9729EB976
Authority key identifier: 9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/1-Cv5BKM8zNqXeWC17CN2zV2YkVQ.roa
Signing time: Mon 29 Sep 2025 20:07:02 +0000
ROA not before: Mon 29 Sep 2025 20:07:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 26548
IP address blocks: 5.181.170.0/24 maxlen: 24
5.183.252.0/24 maxlen: 24
45.10.166.0/24 maxlen: 24
45.10.167.0/24 maxlen: 24
45.66.208.0/24 maxlen: 24
45.132.184.0/24 maxlen: 24
45.138.100.0/24 maxlen: 24
45.148.124.0/24 maxlen: 24
77.220.192.0/24 maxlen: 24
77.220.193.0/24 maxlen: 24
77.220.194.0/24 maxlen: 24
77.220.195.0/24 maxlen: 24
91.132.198.0/24 maxlen: 24
93.177.118.0/23 maxlen: 24
141.98.84.0/24 maxlen: 24
147.78.180.0/24 maxlen: 24
147.78.182.0/24 maxlen: 24
147.78.183.0/24 maxlen: 24
185.61.217.0/24 maxlen: 24
185.61.218.0/24 maxlen: 24
185.61.219.0/24 maxlen: 24
185.61.221.0/24 maxlen: 24
185.61.222.0/24 maxlen: 24
185.61.223.0/24 maxlen: 24
185.68.185.0/24 maxlen: 24
185.77.220.0/24 maxlen: 24
185.77.221.0/24 maxlen: 24
185.77.222.0/24 maxlen: 24
185.77.223.0/24 maxlen: 24
185.88.100.0/24 maxlen: 24
194.104.8.0/24 maxlen: 24
194.104.11.0/24 maxlen: 24
213.108.0.0/24 maxlen: 24
217.145.224.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl
rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.mft
rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 17:01:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:97:15:f6:7f:f2:2f:89:6c:65:0f:7c:b9:72:9e:b9:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9aee15c33de358938d6900a1b3c14480a389e85b
Validity
Not Before: Sep 29 20:07:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f82bf904a33cccda977960b5ec2376cd5d989154
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:b6:33:13:16:dd:1e:d7:67:ba:4c:c6:b1:02:
25:27:82:ca:45:17:cf:be:22:e7:ba:76:b8:06:8c:
41:44:79:97:f5:43:3e:92:51:af:45:43:1f:5f:f4:
d7:ca:aa:65:37:21:f8:3e:4d:13:29:b1:6a:3e:5d:
2f:5b:28:ff:e6:d0:dd:b0:a7:89:d4:8a:2d:65:3b:
87:4c:d8:f4:5f:ce:dc:f8:84:f5:02:74:74:53:b6:
01:f7:5d:3b:82:2c:64:73:e2:29:4d:83:1b:29:76:
f1:fc:bb:bf:92:81:54:d3:ea:2e:a3:e9:21:49:f4:
89:ad:b2:4a:3e:0b:b3:d9:43:f6:fb:8e:45:bc:f0:
53:a6:e0:90:4a:20:58:04:fa:73:f7:16:80:c0:56:
d2:94:36:4e:8c:6b:4d:94:4b:2c:d9:21:3e:eb:62:
0a:7b:44:41:ed:5c:5d:6d:05:47:ea:ea:49:ab:4e:
b1:f7:2c:0b:5b:2c:09:47:4f:3a:9f:63:b5:93:30:
c6:c8:fb:99:3d:e9:cd:cb:e7:f4:c7:3f:7a:b3:e2:
03:b3:a6:ea:0d:44:60:08:ac:23:8e:b3:d7:14:f7:
7d:69:2c:18:95:34:d3:fb:ba:73:7f:76:df:ea:69:
b0:51:21:d4:1b:e9:dd:64:e9:da:d1:d3:c1:61:eb:
a0:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:2B:F9:04:A3:3C:CC:DA:97:79:60:B5:EC:23:76:CD:5D:98:91:54
X509v3 Authority Key Identifier:
keyid:9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/1-Cv5BKM8zNqXeWC17CN2zV2YkVQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.170.0/24
5.183.252.0/24
45.10.166.0/23
45.66.208.0/24
45.132.184.0/24
45.138.100.0/24
45.148.124.0/24
77.220.192.0/22
91.132.198.0/24
93.177.118.0/23
141.98.84.0/24
147.78.180.0/24
147.78.182.0/23
185.61.217.0-185.61.219.255
185.61.221.0-185.61.223.255
185.68.185.0/24
185.77.220.0/22
185.88.100.0/24
194.104.8.0/24
194.104.11.0/24
213.108.0.0/24
217.145.224.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:d6:fc:34:53:66:77:cc:f3:9a:f5:24:38:be:a4:06:ec:93:
c7:1b:71:99:d2:cd:35:7f:1b:36:bb:aa:10:16:0f:3e:dc:90:
38:f2:48:19:af:28:16:f3:46:a8:60:d9:f8:aa:f1:41:9a:17:
a8:1d:38:12:33:3d:d3:fc:47:c8:23:c4:ff:f2:1a:c3:5c:4b:
61:89:53:16:86:85:c9:73:d8:11:95:2c:4d:fc:77:40:7c:4a:
37:c3:db:ab:9c:bb:e1:6f:ab:19:1b:be:9b:72:3d:94:f5:9e:
11:61:17:a2:1b:dc:fd:cd:2b:ba:2e:51:37:c6:0e:8d:47:18:
0f:d8:fe:1a:c4:a7:ca:aa:a4:23:03:e0:ce:50:7f:df:ff:d4:
f1:e5:e8:bc:97:07:ad:b0:dd:a0:55:bb:ca:66:b6:4a:f1:fa:
5d:40:e6:47:fe:26:47:ea:31:a6:29:f6:12:eb:b4:ee:70:66:
5e:85:f9:48:ea:f6:0b:b8:cc:04:2f:d3:fa:15:38:e1:2d:9d:
4a:3e:fd:36:52:ac:d5:28:53:9c:b5:e5:5f:77:04:08:43:29:
c5:97:38:95:e4:1c:d6:6e:b9:36:25:d2:bb:53:07:1e:68:38:
67:bf:d7:16:7a:5b:4d:af:6f:3a:0b:f4:2f:23:d5:21:2c:8d:
96:74:9a:35
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgISAZmXFfZ/8i+JbGUPfLlynrl2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZWUxNWMzM2RlMzU4OTM4ZDY5MDBhMWIzYzE0NDgwYTM4
OWU4NWIwHhcNMjUwOTI5MjAwNzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODJiZjkwNGEzM2NjY2RhOTc3OTYwYjVlYzIzNzZjZDVkOTg5MTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk7YzExbdHtdnukzGsQIlJ4LKRRfP
viLnuna4BoxBRHmX9UM+klGvRUMfX/TXyqplNyH4Pk0TKbFqPl0vWyj/5tDdsKeJ
1IotZTuHTNj0X87c+IT1AnR0U7YB9107gixkc+IpTYMbKXbx/Lu/koFU0+ouo+kh
SfSJrbJKPguz2UP2+45FvPBTpuCQSiBYBPpz9xaAwFbSlDZOjGtNlEss2SE+62IK
e0RB7VxdbQVH6upJq06x9ywLWywJR086n2O1kzDGyPuZPenNy+f0xz96s+IDs6bq
DURgCKwjjrPXFPd9aSwYlTTT+7pzf3bf6mmwUSHUG+ndZOna0dPBYeugvQIDAQAB
o4ICnTCCApkwHQYDVR0OBBYEFPgr+QSjPMzal3lgtewjds1dmJFUMB8GA1UdIwQY
MBaAFJruFcM941iTjWkAobPBRICjiehbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjIt
NmVlNTM0ZDkyZTUyLzEvMS1DdjVCS004ek5xWGVXQzE3Q04yelYyWWtWUS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvN2EvNzJmNzdmLTc2YWItNGU3OS1hMDYyLTZlZTUzNGQ5MmU1
Mi8xL211NFZ3ejNqV0pPTmFRQ2hzOEZFZ0tPSjZGcy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBsQYIKwYBBQUHAQcBAf8EgaEwgZ4wgZsEAgABMIGUAwQA
BbWqAwQABbf8AwQBLQqmAwQALULQAwQALYS4AwQALYpkAwQALZR8AwQCTdzAAwQA
W4TGAwQBXbF2AwQAjWJUAwQAk060AwQBk062MAwDBAC5PdkDBAK5PdgwDAMEALk9
3QMEBbk9wAMEALlEuQMEArlN3AMEALlYZAMEAMJoCAMEAMJoCwMEANVsAAMEANmR
4DANBgkqhkiG9w0BAQsFAAOCAQEAG9b8NFNmd8zzmvUkOL6kBuyTxxtxmdLNNX8b
NruqEBYPPtyQOPJIGa8oFvNGqGDZ+KrxQZoXqB04EjM90/xHyCPE//Iaw1xLYYlT
FoaFyXPYEZUsTfx3QHxKN8Pbq5y74W+rGRu+m3I9lPWeEWEXohvc/c0rui5RN8YO
jUcYD9j+GsSnyqqkIwPgzlB/3//U8eXovJcHrbDdoFW7yma2SvH6XUDmR/4mR+ox
pin2Euu07nBmXoX5SOr2C7jMBC/T+hU44S2dSj79NlKs1ShTnLXlX3cECEMpxZc4
leQc1m65NiXSu1MHHmg4Z7/XFnpbTa9vOgv0LyPVISyNlnSaNQ==
-----END CERTIFICATE-----
Generated at Mon Oct 20 02:05:49 2025 by rpki-client